CNNVD-202507-3908 Information

CNNVD ID

CNNVD-202507-3908

Related CVE

CVE-2013-10043

• CNNVD Published: 2025-07-31

Description (Chinese)

Astium VoIP PBX是Astium公司的一个基于IP网络的电话交换系统。 Astium VoIP PBX astium-confweb-2.1-25399及之前版本存在安全漏洞，该漏洞源于logon.php脚本输入验证不当，可能导致SQL注入和远程代码执行。

Description (English)

Astium VoIP PBX is an IP-based telephone exchange system for Astium. Astium VoIP PBX Astium-confweb-21-2539 and previous versions have security loopholes, which stem from poor validation of logon.php scripts, which may lead to SQL injection and remote code execution.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Astium

Published

2025-07-31

Last Modified

2026-02-24

References

https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/ https://www.exploit-db.com/exploits/23831 https://www.vulncheck.com/advisories/astium-voip-pbx-sqli-file-upload-rce